<?php

require_once '../include/common.inc.php';
require_once '../include/upfile.class.php';

// Admin-only page: a visitor who fails checkAdmin() is redirected to index.php
// and the script stops, so none of the actions below run for them.
// NOTE(review): checkAdmin() is defined outside this file; what it verifies
// (session, role, request token) cannot be confirmed from here.
if (!checkAdmin()) {
    header("LOCATION:index.php");
    exit;
}

// Page state; presumably read by the menu and templates included at the end
// of this script -- confirm against those files.
$menu_index = 3;
$page_title = 'JANSEN';
$guide_message = 'Info | Photo Gallery';
$out_ary = array();      // photo rows collected for the list view
$alert_message = '';     // validation and upload errors are appended here

// Default search text. It is assigned before getMyParam('key') is called,
// presumably so that a submitted key replaces it -- keep this order.
$key = "Enter name...";
// NOTE(review): getMyParam() is defined outside this file. The rest of the
// script uses $action, $key, $pid, ... as if getMyParam() copies the named
// request parameter into a global of the same name. Which request arrays it
// reads and what escaping it applies decide whether the SQL and HTML built
// from these values further down are safe -- verify in common.inc.php.
getMyParam('action');
getMyParam('key');

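// Create ("add") or update ("edit") a photo record from the submitted form,
// optionally storing an uploaded picture. Validation errors are appended to
// $alert_message; the database is only written when it stays empty.
//
// NOTE(review): every statement below is assembled by interpolating
// request-derived variables into the SQL text. Whether that is safe depends
// entirely on the escaping getMyParam() applies, which is not visible in this
// file. Only $pid and $seq are format-checked here; $photo_category_id and the
// *zh / *ru fields are not checked at all. If $db offers bound parameters,
// prefer them; otherwise confirm the escaping matches the connection charset.
// NOTE(review): no anti-CSRF token check is visible for this state-changing
// request -- confirm one is enforced by checkAdmin() or getMyParam().
if ($action == "add" || $action == "edit") {
    getMyParam('pid');
    getMyParam('name');
    getMyParam('namezh');
    getMyParam('nameru');
    getMyParam('photo_category_id');
    getMyParam('description');
    getMyParam('descriptionzh');
    getMyParam('descriptionru');
    getMyParam('up_pic');
    getMyParam('seq');

    // An edit must name its row by a positive numeric id.
    if ($action == "edit" && (!is_numeric($pid) || $pid <= 0)) {
        $alert_message .= "\n\nFailed.";
    }
    if (strlen($name) < 2 || strlen($name) > 100) {
        $alert_message .= "\n\nSubject must be no more than 100 characters.";
    }
    if (strlen($description) > 250) {
        $alert_message .= "\n\nDescription must be no more than 250 characters.";
    }
    // \z instead of $: a plain $ also matches before a trailing newline, so
    // "12\n" would have passed the digit check.
    if (!preg_match('/^[0-9]{0,4}\z/', $seq)) {
        $alert_message .= "<p>You have specified an invalid Sequence.</p>";
    }

    // Picture upload.
    $file_name = '';
    $set_up_pic = false;
    // isset()/is_string() first: a request without a file part has no 'up_pic'
    // entry, and an array-style field would make 'name' an array.
    $has_upload = isset($_FILES['up_pic']['name'], $_FILES['up_pic']['size'])
        && is_string($_FILES['up_pic']['name'])
        && $_FILES['up_pic']['size'] > 0
        && trim($_FILES['up_pic']['name']) != "";
    if ($has_upload) {
        $set_up_pic = true;
        $upfile = new uploadFile($_FILES['up_pic']);
        // $timestamp is not set in this file; presumably provided by common.inc.php.
        $upfile->setFileName('J_A_PHOTO_' . $timestamp);
        // NOTE(review): this is an allowlist of MIME types. Confirm that
        // uploadFile checks the file content itself and chooses the stored
        // extension from the allowlist, rather than trusting the type and
        // name sent by the browser -- the store directory is under
        // JANSEN_ROOT and is presumably served by the web server.
        $upfile->setFileType(array('image/pjpeg', 'image/gif', 'image/jpeg'));
        $upfile->setAcceptOverwrite(0);   // 0: presumably "do not overwrite an existing file" -- confirm
        $upfile->setStoreDir(JANSEN_ROOT.'zh/attachments/');
        $upfile->setMaxSize(1024*1024*2); // 2 MiB

        if (!$upfile->save()) {
            $alert_message .= "\n\n" . $upfile->error_msg;
        }
        $file_name = $upfile->fileName;
    }

    if ($alert_message == "") {

        if ($action == "add") {
            $sql = "INSERT INTO `photo` (`name`,`namezh`,`nameru`, `photo_category_id`, `pic`, `description`,`descriptionzh`,`descriptionru`, `seq`) VALUES ('$name','$namezh','$nameru', '$photo_category_id', '$file_name', '$description','$descriptionzh','$descriptionru', '$seq')";
            $db->query($sql);
        }

        if ($action == "edit") {
            if ($file_name == "" && !$set_up_pic) {
                // No new picture: leave the stored `pic` untouched.
                $sql = "UPDATE `photo` SET
                       `name` = '$name',
						`namezh` = '$namezh', 
						`nameru` = '$nameru', 
                       `photo_category_id` = '$photo_category_id', 
                       `description` = '$description',
						`descriptionzh` = '$descriptionzh',
						`descriptionru` = '$descriptionru',  
                       `seq` = '$seq'
                       WHERE `id` = '$pid'";
            } else {
                // New picture: point the row at it and remove the old file.
                $sql = "UPDATE `photo` SET
                       `name` = '$name', 
						`namezh` = '$namezh',
						`nameru` = '$nameru', 
                       `photo_category_id` = '$photo_category_id', 
                       `description` = '$description',
						`descriptionzh` = '$descriptionzh',  
						`descriptionru` = '$descriptionru',  
                       `seq` = '$seq', 
                       `pic` = '$file_name'                      
                       WHERE `id` = '$pid'";
                $sql_del = "SELECT `pic` FROM `photo` WHERE `id` = '" . $pid . "'";
                $rs_del = $db->get_one($sql_del);
                // Skip the delete when the id matched no row or the row had no
                // picture, so delPicture() is never called with an empty name.
                if ($rs_del && isset($rs_del['pic']) && $rs_del['pic'] != '') {
                    delPicture($rs_del['pic']);
                }
            }
            $db->query($sql);

            goFromPage();
        }

        header("LOCATION:i_photo.php");
        exit;
    }

}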

// Delete one photo row by id, then return to the referring page.
// NOTE(review): no anti-CSRF token check is visible for this destructive
// action; confirm that getMyParam()/checkAdmin() restrict it to a POST that
// carries a valid token.
// NOTE(review): only the database row is removed here. The edit path calls
// delPicture() for a replaced file, but this path leaves the stored picture
// on disk -- confirm whether that is intended.
if ($action == "del") {
    getMyParam('pid');

    if (!is_numeric($pid) || $pid <= 0) {
        // Not a positive numeric id: nothing is deleted.
    } else {
        // $pid has passed is_numeric() before it reaches the SQL text.
        $sql = "DELETE FROM `photo` WHERE `id` = '{$pid}'";
        $db->query($sql);
    }

    goFromPage();
}

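// Optional name search: builds the WHERE clause shared by the count and list
// queries, and the base URL handed to the pager.
$page_url = 'i_photo.php?';
// Start from a known-empty clause. Without this, $sql_where is first touched
// by ".=" (or read undefined when no search is active), and its content would
// be whatever an include or a request-to-global import had left in it.
$sql_where = '';
if ($action == "search" && trim($key) != "") {
    // NOTE(review): $key is interpolated into the SQL text. Its safety depends
    // on the escaping getMyParam() applies (not visible in this file); LIKE
    // wildcards (% and _) in the key are not escaped either.
    $sql_where .= " WHERE `name` LIKE '%$key%'";
    // urlencode() keeps characters such as '&', '#', '"' or spaces in the
    // keyword from breaking, or adding parameters to, the pager links.
    $page_url = 'i_photo.php?action=search&key=' . urlencode($key) . '&';
}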


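// *** page code start ***
// Count the matching rows, then derive the page number and LIMIT offset.
$sql = "SELECT `id` FROM `photo` $sql_where";
$query = $db->query($sql);
$sql_all_num = $db->num_rows($query);

$ppp = 10; // rows per page
getMyParam('page');
// ispage() is defined elsewhere; the (int) cast guarantees that the offset
// interpolated into the LIMIT clause further down is an integer whatever
// ispage() accepts.
$page = (empty($page) || !ispage($page)) ? 1 : (int) $page;
$start_limit = ($page - 1) * $ppp;
// ">=" rather than ">": an offset equal to the row count is already past the
// last row and used to render an empty page. Negative offsets are reset too.
if ($start_limit < 0 || $start_limit >= $sql_all_num) {
    $start_limit = 0;
    $page = 1;
}

$page_show = getPageStr($sql_all_num, $page, $ppp, $page_url);

// *** page code end ***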

// Fetch the current page of photos into $out_ary. In search mode each
// occurrence of the keyword in the name is wrapped in a red <font> tag.
// NOTE(review): $key and $rs['name'] are placed into markup here with no HTML
// escaping visible in this file. Confirm that getMyParam() or the a_i_photo
// template escapes them; if neither does, escape both values before the
// highlight tag is added.
$sql = "SELECT `id`, `name`,`namezh`,`nameru`, `photo_category_id`, `description`,`descriptionzh`, `pic`, `seq` FROM `photo` {$sql_where} ORDER BY `seq` ASC, `id` DESC LIMIT {$start_limit}, {$ppp}";
$query = $db->query($sql);
while ($rs = $db->fetch_array($query)) {
    if ($action != "search" || trim($key) == "") {
        // Not searching: the row is stored unchanged.
        $out_ary[] = $rs;
        continue;
    }
    $rs['name'] = str_replace($key, '<font color=red>' . $key . '</font>', $rs['name']);
    $out_ary[] = $rs;
}

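// Category id => name lookup tables, one per language column; presumably read
// by the a_i_photo template.
// Initialised first so they exist as empty arrays when the category table has
// no rows, as $out_ary is at the top of the script.
$photo_category_ary = array();
$photo_category_aryzh = array();
$photo_category_aryru = array();
$sql = "SELECT `id`, `name`,`namezh` ,`nameru` FROM `photo_category` ORDER BY `seq` ASC, `id` DESC";
$query = $db->query($sql);
while ($rs = $db->fetch_array($query)) {
    $photo_category_ary[$rs['id']] = $rs['name'];
    $photo_category_aryzh[$rs['id']] = $rs['namezh'];
    $photo_category_aryru[$rs['id']] = $rs['nameru'];
}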

// NOTE(review): debug output is switched on unconditionally. debuginfo() is
// defined outside this file; if it prints queries, timings or file paths,
// gate it behind a configuration flag that is off in production.
$debug = 1;
debuginfo();

// Render the page: admin menu first, then the header, body and footer
// templates whose paths PrintEot() (defined elsewhere) resolves.
include_once(JANSEN_ROOT . 'admin/menu_list.php');
require_once PrintEot('a_header');
require_once PrintEot('a_i_photo');
require_once PrintEot('a_footer');

?>